Holy cow, I wrote a book!
the Image File Execution Options key
Its power can be used for evil as well as for good.
Its intended use is to force a program to run under a debugger
regardless of how it is launched (and secondarily to alter how
the system treats the program).
It's handy if you need to debug a program "in the wild"
rather than under the controlled environment of your favorite IDE.
For example, you can use it if you want to debug how a program
runs when it is launched by some other program you can't debug.
Two things people often forget:
Evil can be done with
the Image File Execution Options key.
Malware can install themselves as the "debugger" for a
frequently-run program (such as Explorer)
and thereby inject themselves into the execution sequence.
Note that the ability to use the Image File Execution Options key
for evil purposes is not a security hole.
To modify the key in the first place requires administrator permissions.
Consequently, anybody who can exploit this feature
already owns your machine.